app.thnks.com Open in urlscan Pro
2600:9000:2057:1600:1e:aead:b400:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*
Submission: On October 21 via api (October 21st 2024, 12:32:43 pm UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 19 domains to perform 89 HTTP transactions. The main IP is 2600:9000:2057:1600:1e:aead:b400:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.thnks.com. The Cisco Umbrella rank of the primary domain is 635772.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 20th 2024. Valid for: a year.

This is the only time app.thnks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2600:9000:205... 2600:9000:2057:1600:1e:aead:b400:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.77.37.101 104.77.37.101	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.35.58.22 13.35.58.22	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
11	2a02:6ea0:c70... 2a02:6ea0:c700::112	60068 (CDN77 _) (CDN77 _)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
2	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
11	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2	34.208.71.80 34.208.71.80	16509 (AMAZON-02) (AMAZON-02)
3	2600:1f14:5db... 2600:1f14:5db:eb22:2b69:808b:7241:9f83	16509 (AMAZON-02) (AMAZON-02)
3	44.240.52.117 44.240.52.117	16509 (AMAZON-02) (AMAZON-02)
1	18.239.36.23 18.239.36.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
2	18.245.46.20 18.245.46.20	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:2832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1	44.218.51.203 44.218.51.203	14618 (AMAZON-AES) (AMAZON-AES)
5	52.45.139.96 52.45.139.96	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:3bb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 _) (CDN77 _)
1	35.190.25.25 35.190.25.25	() ()
89	29

15 2600:9000:2057:1600:1e:aead:b400:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.thnks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.77.37.101 (Zurich, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-37-101.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.58.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-22.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6ea0:c700::112 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.208.71.80 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-71-80.us-west-2.compute.amazonaws.com

api.thnks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f14:5db:eb22:2b69:808b:7241:9f83 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.240.52.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-52-117.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.36.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-23.ams58.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.46.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-20.fra56.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2832 (United States)

ASN13335 (CLOUDFLARENET, US)

app.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.218.51.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-51-203.compute-1.amazonaws.com

us.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.45.139.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-139-96.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3bb5 (United States)

ASN13335 (CLOUDFLARENET, US)

us-assets.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.25.25 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	thnks.com app.thnks.com — Cisco Umbrella Rank: 635772 api.thnks.com — Cisco Umbrella Rank: 571903	1 MB
16	userway.org cdn.userway.org — Cisco Umbrella Rank: 3272 api.userway.org — Cisco Umbrella Rank: 3171 cdn77.api.userway.org — Cisco Umbrella Rank: 6982	181 KB
11	segment.com cdn.segment.com — Cisco Umbrella Rank: 1794	78 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	6 KB
6	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2183 api-iam.intercom.io — Cisco Umbrella Rank: 2649	10 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 1102	165 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 455 p.typekit.net — Cisco Umbrella Rank: 561	61 KB
3	posthog.com app.posthog.com — Cisco Umbrella Rank: 12375 us.i.posthog.com — Cisco Umbrella Rank: 7547 us-assets.i.posthog.com — Cisco Umbrella Rank: 24721	87 KB
3	segment.io api.segment.io — Cisco Umbrella Rank: 1324	514 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 3146	286 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	204 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	2 KB
1	mixpanel.com api-js.mixpanel.com	371 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3511	19 KB
1	gstatic.com www.gstatic.com	217 KB
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3904	17 KB
89	19

	Domain	Requested by
15	app.thnks.com	app.thnks.com
11	cdn.segment.com	app.thnks.com cdn.segment.com
11	cdn.userway.org	app.thnks.com cdn.userway.org
8	www.facebook.com	app.thnks.com
5	api-iam.intercom.io	js.intercomcdn.com
4	js.stripe.com	app.thnks.com js.stripe.com
3	api.segment.io	cdn.segment.com
3	api.userway.org	cdn.userway.org
3	connect.facebook.net	app.thnks.com connect.facebook.net cdn.segment.com
3	use.typekit.net	app.thnks.com use.typekit.net
2	cdn77.api.userway.org	cdn.userway.org
2	js.intercomcdn.com	widget.intercom.io
2	api.thnks.com	app.thnks.com
2	www.google.com	app.thnks.com www.gstatic.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	app.thnks.com www.googletagmanager.com
2	cdnjs.cloudflare.com	app.thnks.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	us-assets.i.posthog.com	app.posthog.com
1	us.i.posthog.com	app.posthog.com
1	app.posthog.com	app.thnks.com
1	cdn.mxpnl.com	cdn.segment.com
1	widget.intercom.io	cdn.segment.com
1	www.gstatic.com	www.google.com
1	p.typekit.net	use.typekit.net
1	appleid.cdn-apple.com	app.thnks.com
89	26

This site contains links to these domains. Also see Links.

Domain
api.thnks.com
policies.google.com
help.thnks.com
www.thnks.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
thnks.com Amazon RSA 2048 M02	`2024-08-20` - `2025-09-17`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2024-06-06` - `2024-12-03`	6 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-08-29` - `2024-12-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2024-10-28`	3 months	crt.sh
1667503734.rsc.cdn77.org E6	`2024-09-25` - `2024-12-24`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M02	`2024-10-15` - `2025-11-14`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2024-07-15` - `2025-07-29`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
posthog.com WE1	`2024-09-08` - `2024-12-07`	3 months	crt.sh
*.i.posthog.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-12`	a year	crt.sh
1784939676.rsc.cdn77.org E5	`2024-10-18` - `2025-01-16`	3 months	crt.sh
*.mixpanel.com GeoTrust TLS RSA CA G1	`2024-02-08` - `2025-03-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*
Frame ID: 864B149F8770C96FA089E8ED4820EAD2
Requests: 78 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-d2b3a5e2127fdf729b7e262f12270505.html
Frame ID: 2B376DF141C1DF35EEF03112131A1D19
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LellNwkAAAAAD8ui8rrrfswnqCC3AeuUacwpCWE&co=aHR0cHM6Ly9hcHAudGhua3MuY29tOjQ0Mw..&hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=7klrl9l7nley
Frame ID: C6B687E3BBD29A9E0E87C74EC38C6330
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.5f25bd4d.js
Frame ID: CCB910216DA9CF1B06ABDAF81025C147
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 1A2993C0AF9E780D617B6A7007E9007B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thnks | Growing Business with Gratitude

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

Page Statistics

89
Requests

100 %
HTTPS

43 %
IPv6

19
Domains

26
Subdomains

29
IPs

4
Countries

2547 kB
Transfer

9600 kB
Size

13
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://api.thnks.com/auth/linkedin?origin=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&redirect_to=https%3A%2F%2Fapp.thnks.com%2F%23%2Fsign-in%2F

Search URL Search Domain Scan URL

URL: https://api.thnks.com/auth/facebook?origin=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&redirect_to=https%3A%2F%2Fapp.thnks.com%2F%23%2Fsign-in%2F

Search URL Search Domain Scan URL

URL: https://api.thnks.com/auth/salesforce?social_login_mode=true&origin=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&redirect_to=https%3A%2F%2Fapp.thnks.com%2F%23%2Fsign-in%2F

Search URL Search Domain Scan URL

URL: https://api.thnks.com/auth/google?social_login_mode=true&origin=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&redirect_to=https%3A%2F%2Fapp.thnks.com%2F%23%2Fsign-in%2F

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.thnks.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.thnks.com/terms/
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.thnks.com/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.thnks.com/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/thnks-smarter-business-gifting/id1186906257?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thnks

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

89 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
app.thnks.com/ 6 KB
3 KB 808ms
479ms Document
text/html 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2dd68f7b1a47fb171cdcf4c27de434b44fff394f3d05891eab2368135edb5156

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
content-type: text/html; charset=utf-8
date: Mon, 21 Oct 2024 12:32:32 GMT
etag: W/"bac63f2148ff9e12a78c1040ffe8110a"
last-modified: Tue, 08 Oct 2024 11:50:37 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-id: gixTVOE51VYJO13-D8WJyeCHkDrvjyP-iBft4RZRdbWDdUwrAlzAnQ==
x-amz-cf-pop: FRA6-C1
x-amz-id-2: kUylLibcKSg483MtUPmvBjnFc/6EARbby5V/emPkyDcVjv3d/B5L7OQrmJWnynY3W29Kx/zt/uuE6aveTYJ3LoG3RurY8EuB
x-amz-request-id: CZM4SV2MV4SBDZS2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
967 B 187ms
60ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fd5-50a"
age: 400890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zgtTQJ7ZTQRUB9Wzsl514rxOQjoq0755UPxNc0R2ncRmyUcbRBFysolARN1ASJZos9YM0cBe%2Fp1xQuapHS7FqC62olMKbE64B8m7j2trx24GN2gnBHK856Q%2Ft%2Ff%2FwYD1wPzXaLG"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 12:32:32 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 12:32:32 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:16:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d6145595a08dbbf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 382
server: cloudflare

GET
H3 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 183ms
56ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fd5-92d"
age: 395747
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwzO0krPzdSACQhH%2FTGoc9fYH0bFNO8ysDB4HrtE0vEYAbgj8fqHdFpiIliCEOlxk07mu1Iw3ChYK0vcuYQvfGnpac%2FVZhOX0j2ncTeOoqGjrjv9vRyw0TvscI1b0CFkppPWhCeY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 12:32:32 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 12:32:32 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:16:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d61455959fddbbf-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 637
server: cloudflare

GET
H2 200 iaf0fjo.css
use.typekit.net/ 5 KB
1 KB 221ms
48ms Stylesheet
text/css 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/iaf0fjo.css

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

801aa099647270906cc33411fcd8611aa3ca2ac899b0f13485ae59382bbade85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 844
date: Mon, 21 Oct 2024 12:32:32 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 426ms
77ms Script
application/javascript 104.77.37.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.77.37.101 Zurich, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-37-101.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://app.thnks.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Content-Encoding: gzip
ETag: W/"43171-1729029041439"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 17356
Date: Mon, 21 Oct 2024 12:32:32 GMT
Content-Type: application/javascript;charset=UTF-8
Last-Modified: Tue, 15 Oct 2024 21:50:41 GMT
Server: Apple
Vary: accept-encoding

GET
H2 200 runtime~main-bundle-8fd3b674dee8a3b97f37.js Show response
app.thnks.com/ 3 KB
2 KB 447ms
444ms Script
application/javascript 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thnks.com/runtime~main-bundle-8fd3b674dee8a3b97f37.js

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3a7261820eb6a07dd3073f6f908b9b0a3cf720c22d583bb442aa710fd5620668

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

content-encoding: gzip
etag: W/"1f53ebcd0e48f046b12f4753baf620c6"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: MTU5ktxjmTnXUjyuQhIOAAIdh8wuvErR8897zkuen_SleXfguQX-xw==
date: Mon, 21 Oct 2024 12:32:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:37 GMT
x-amz-id-2: ogBCkUF4k8h5wBEoHWkx2YKQPZCjwQsr27gShNmH/pSybiRM7ZZfMqNEoSwtVJn/ic52YwqiB2A=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: DDHFBXKCS32YFC44
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main-bundle-8fd3b674dee8a3b97f37.js Show response
app.thnks.com/ 4 MB
1 MB 472ms
469ms Script
application/javascript 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thnks.com/main-bundle-8fd3b674dee8a3b97f37.js

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

443c6c8f5308fb1ec6625ac6547c6868fd034c8d96a25669d8e2698e7fe110d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

content-encoding: gzip
etag: W/"4fd1b53efa3d7e0ace353321c6f34788"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: DVpbKFojFBj4N7sH8JwFQ-VQiCQZYrbrfd5jl7e9Z3NaY-JmBuLBPg==
date: Mon, 21 Oct 2024 12:32:33 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:37 GMT
x-amz-id-2: iQhlvAg50mWxyUlfzOikuaQpmROdqr9grwB2T+FmJXDUlZ8SZSDpXIbfxFMvQa8x1Ol5dNMQPgg=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: TKVE1PVREBWEY2HZ
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
js.stripe.com/v3/ 673 KB
164 KB 783ms
627ms Script
text/javascript 13.35.58.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-22.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

06ea13c6d1d75446d30f86d2c5898d2f0bb7b5c51085b389d75ffa23db9748ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://app.thnks.com/

Response headers

content-encoding: br
etag: W/"543af4db407e35aa222045f9234ba5aa"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: X0C81nRzwiYAtsIZqWV6LLVDpjJc89SidIc5c1K1Yd3BLgNHyY4m6w==
date: Mon, 21 Oct 2024 12:32:33 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 18 Oct 2024 20:43:35 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: Cloudfront

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 210ms
41ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=iaf0fjo&ht=tk&f=7986.7987.7988.7992.7993.7996.7998&a=15901843&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/iaf0fjo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "6649f74c-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Mon, 21 Oct 2024 12:32:32 GMT
content-type: text/css
last-modified: Sun, 19 May 2024 12:57:48 GMT
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 276 KB
98 KB 427ms
63ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4973MC

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0ff4d8dcfde130c739c84a3ba4f469cbeddf94a2fe8f4cd4cb0ae6462e1f4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 21 Oct 2024 12:32:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 12:32:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 21 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99268
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 319 KB
107 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P17GBS3R7K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4973MC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

564bcd4683fa46d647535a7560836f7f33c7a32d8d43f2b492da8308e43fdac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 21 Oct 2024 12:32:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 12:32:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108900
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 100ms
51ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 12:32:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4407, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: k+LJlEdqa5YEXCa5hYkKCBSp4CroK1d3Mj5+VARUAq5SzkqfjZ0xkn5lvNqH3ovAufuv97Jl1ImkVgELfyYI1A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 926964410783916 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 378ms
370ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/926964410783916?v=2.9.172&r=stable&domain=app.thnks.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

c6e448760bf9b1354933c673a971e6211a48319ed4ce594017d6c242640edc1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 12:32:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=76, mss=1232, tbw=69953, tp=66, tpl=0, uplat=194, ullat=0
pragma: public
x-fb-debug: rbFAyUeobkehtjHTxtgIpmoZWFmzTsL14Fa8/1tVJL+huJCYq5gTtG9WJwlmjEFbX23bAy9AojFiTXrWgRK6aA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 471ms
61ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P17GBS3R7K&gtm=45je4ah0v874503276z877180433za200zb77180433&_p=1729513952515&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665~101686685&cid=1733605265.1729513954&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729513953&sct=1&seg=0&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*&dt=Thnks%20%7C%20Growing%20Business%20with%20Gratitude&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2438
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P17GBS3R7K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.thnks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 12:32:34 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 311ms
51ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"59cd386971c343740f4693f3c7ca2f77"
age: 367
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: Z3fkJTIl8t4Xx_sW19GwCXeEANXbISvB2TypcTS59uNhNFWQGtsxbQ==
date: Mon, 21 Oct 2024 12:32:34 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:48 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c7114a545285e2491667515b4808
x-77-nzt: EgwBqZb/tgH3bQkAAAwBisclxAG3BAAAAA
cache-control: max-age=3600, public
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 2413
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 version.json Show response
app.thnks.com/ 82 B
702 B 494ms
438ms XHR
application/json 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thnks.com/version.json?t=1729513953955

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/main-bundle-8fd3b674dee8a3b97f37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2b209f11fee7347f2d75e8ba025d74f643b756eea4e845bcdf5cde2c48e15e06

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

etag: "72775a96281f9cce23fa4da24a891ed8"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: bkSe7ab6S-ckV-IJgFM2ZvNtIdeb_kf3ndLiPFN_vd-vWWNX_jxaZw==
date: Mon, 21 Oct 2024 12:32:35 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:37 GMT
x-amz-id-2: WU70M8NbODhpNyRNTPEAHTxiHnKSH9IWTA+55hQ3SuE9Yl9pXB4MxKFR8LO3ZATa5jDj+zWpYnA=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: DW9RXVT0HSKSBS9Y
accept-ranges: bytes
content-length: 82
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 controller-with-preconnect-d2b3a5e2127fdf729b7e262f12270505.html
js.stripe.com/v3/ Frame 2B37 0
0 347ms
51ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-d2b3a5e2127fdf729b7e262f12270505.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.thnks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 29
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 404
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 21 Oct 2024 12:32:34 GMT
etag: "d2b3a5e2127fdf729b7e262f12270505"
last-modified: Fri, 18 Oct 2024 20:04:26 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-content-type-options: nosniff
x-request-id: 6251ffb1-9290-472b-9372-7f509e6efea7
x-served-by: cache-fra-etou8220107-FRA

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 277ms
79ms Script
text/javascript 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LellNwkAAAAAD8ui8rrrfswnqCC3AeuUacwpCWE

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/main-bundle-8fd3b674dee8a3b97f37.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f4.1e100.net

Software

ESF /

Resource Hash

2dba15997de00bb763cec60caa48dd81314b11d657f81b5e92e54a5e417cac63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 12:32:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Mon, 21 Oct 2024 12:32:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/ 103 KB
28 KB 850ms
655ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Requested by: Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e8bb556bc2d34b3154e32418bbb3984427201448aca906c634830809bd36875

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: 93vSeoQ4Ra3fIlZ8Qxfpor6qnPpwGDPj
etag: W/"ab298e70b13dd7148b2bea56a4206286"
access-control-allow-methods: GET, HEAD
x-cache: RefreshHit from cloudfront
x-amz-cf-id: y-DqLZW7hdK77FPEafNTnwNevuG3hd94DNwMHK0s1ECp0xgJ0sdkJQ==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jul 2024 20:28:22 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 7378-bundle-8fd3b674dee8a3b97f37.js Show response
app.thnks.com/ 20 KB
5 KB 477ms
476ms Script
application/javascript 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thnks.com/7378-bundle-8fd3b674dee8a3b97f37.js

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/runtime~main-bundle-8fd3b674dee8a3b97f37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d5b1c5b78ba4e497c3945d3fbb34486695c413eae3f0a9c29f9279520fdb8b5e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

content-encoding: gzip
etag: W/"ee627af1f13848325e56685ef20dab0d"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: bMUZ1Zwfzjz-c2gpnlcUOW-2RQAPYYBrH4pdqj5LYe1l4fv6GeStXQ==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: sPObpG+poB53rlDVwb/F+oMp4a8kCwyx6ylW99A1rS3bSSCSrT8D7+CvLlSDV3YAxd+XPp5FNk4=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: 1PPA8SGWSG0VV82R
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 7909-bundle-8fd3b674dee8a3b97f37.js Show response
app.thnks.com/ 12 KB
5 KB 456ms
456ms Script
application/javascript 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thnks.com/7909-bundle-8fd3b674dee8a3b97f37.js

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/runtime~main-bundle-8fd3b674dee8a3b97f37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f6e153a79a22b2045febfb7bc0e2b2e2afcfbc5131357b57247c697519046dcd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

content-encoding: gzip
etag: W/"3cad0c32edb9d6adc385c1e208bbb3dc"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: YHh7r_D-6Z6c3sUWJXAC5uVQFI9rexODPelMuWK5316DfXafTZIiJw==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: hFI88ZjldV/xETXN+MWey60gUUlM0VReFUpBHJlALyBSzLzSNWdBn6hFuvqwTiOB9Prdw9yj7+s=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: RD66VGJBEKMJZ5JF
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 10d09ae1a528dffabaef..svg
app.thnks.com/assets/file-loader/ 5 KB
3 KB 475ms
474ms Image
image/svg+xml 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.thnks.com/assets/file-loader/10d09ae1a528dffabaef..svg

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e31f852a397b7271fa0fc64f79c0ac21db3fbce8abbac211951b61daa32cc584

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

content-encoding: gzip
etag: W/"eb0c4f3d62b61d7be3ae8f552cb6b85d"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: B07AdMsc0d8xilLhqLfF3ZDpdZpG7e9YTjQi6MRO99-l860trYQUDw==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: FFlkCbCguOe+WS1tBbvf/LMK5hQPfN68AeTZlIwpp7PukMp3Tm11/eKDRM+/Or8EuYpapUK1c/kKWBBlQwAJkXMMU4ADt/LM
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: 324NVGX5HFJ3Z2XF
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 37 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59304960764c4925a44cb2895726fc0f4faaa058bf4c3a2286d817cb7b9738c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 5600dcb04cd267ff43e3..svg
app.thnks.com/assets/file-loader/ 958 B
2 KB 454ms
453ms Image
image/svg+xml 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.thnks.com/assets/file-loader/5600dcb04cd267ff43e3..svg

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6ac81243a2cb23509cd63fe681f6969ace8c40bb18e999c97bafa74c4f4e6713

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

etag: "f5c23f732a6dbdfac01d7f183d8765a4"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: KJmIhJcEFR8y108h3sOEtt01BqM2HfP_TZqt-14VUFMh8Jm9at9YrQ==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: NLvbsjHG4GSf/cRJ4P3PF4fUgT2JTn6t3Z6YA1sALy6sy+RuWfPwOl452vguUo3prgLy61e/LZw=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: RD6DQYMZSTAX217P
accept-ranges: bytes
content-length: 958
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 wave_progress.svg
app.thnks.com/assets/svg/ 2 KB
1 KB 447ms
446ms Image
image/svg+xml 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.thnks.com/assets/svg/wave_progress.svg

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1a5f14c10de17aa94a09df3b4d80349f1424d50b878e76decd32b0ae7b38db50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

content-encoding: gzip
etag: W/"b6ce10333f256eec0ec75fef8f0411f7"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: UuC3u1rISX-BoW9mMGymdQ0sP_uBh-39yhLjkAE_d5vQAj0K_uXxAg==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:37 GMT
x-amz-id-2: wqaP/2i45YGMH9j6FtmE/ElowqtV+7r3+MsyB77f/MHNj2YtVGk++t7PaSsRMapWuTtmUfhzaT9u1Nasm/8fgWOhJAwyvMr3tKvhOX2HrO8=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: XMW8T3R72R1JGR23
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 l
use.typekit.net/af/6e84fe/00000000000000003b9b1e46/27/ 33 KB
33 KB 190ms
56ms Font
application/font-woff2 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6e84fe/00000000000000003b9b1e46/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/iaf0fjo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 924af62e7a04b73299ec45a77897d6f16dd85a5f150bf8be88ac64097c09df94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://use.typekit.net/iaf0fjo.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "611b53ca5c43f9374c3e74c8872de125c13e83cd"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33320
date: Mon, 21 Oct 2024 12:32:34 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 695ms
57ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=926964410783916&ev=PageView&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&rl=&if=false&ts=1729513955370&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729513955359.705139080708665910&cs_est=true&ler=empty&cdl=API_unavailable&it=1729513953342&coo=false&exp=h3&rqm=GET

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2943, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 828ms
193ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=926964410783916&ev=PageView&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&rl=&if=false&ts=1729513955370&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729513955359.705139080708665910&cs_est=true&ler=empty&cdl=API_unavailable&it=1729513953342&coo=false&exp=h3&rqm=FGET

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428205879007784111"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: zPFBf9yVjvTPyu4mUOXRuVnRPeunpMXoK2CUB1tmjBGrpdMYaMzfRETVGTWxYNCG5DnKmFE69HP7CZE81dGVVQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428205879007784111", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=3261, tp=-1, tpl=-1, uplat=147, ullat=1
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 widget_app_base_1728401297040.js Show response
cdn.userway.org/widgetapp/2024-10-08-15-28-17/ 126 KB
39 KB 133ms
47ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"5afeaac7e2e18a97518efd0a8a1bb1fe"
age: 365
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: jVOK3EiOc-WiyUsqeFC0a8a5swcWhm8SDO0G6sj1Hfd5YcRftBdh8w==
date: Mon, 21 Oct 2024 12:32:35 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:35 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c711b058bebae3491667271ef61d
x-77-nzt: EgwBqZb/tgH3qfcQAAwBw7WvAgG3BAAAAA
cache-control: max-age=25920000, public
via: 1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 1111977
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 546 KB
217 KB 644ms
45ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LellNwkAAAAAD8ui8rrrfswnqCC3AeuUacwpCWE

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://app.thnks.com/

Response headers

content-encoding: gzip
age: 320249
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 19:35:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 19:35:07 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 221971
x-xss-protection: 0
server: sffe

GET
H2 200 state Show response
api.thnks.com/api/v1/social/apple/ 111 B
654 B 232ms
231ms XHR
application/json 34.208.71.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.thnks.com/api/v1/social/apple/state?

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/main-bundle-8fd3b674dee8a3b97f37.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.71.80 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-71-80.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

1da255b6f612f9a812370a277c7f692fc063c9b4a5e3b70395d055da78a16d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Authorization: null
Referer: https://app.thnks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

x-robots-tag: none
access-control-max-age: 7200
x-request-id: c975874d-1ef7-4cb6-9095-a0642f195ab2
access-control-expose-headers: CMS-Version, Web-Version
content-encoding: gzip
etag: W/"1da255b6f612f9a812370a277c7f692f"
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
web-version: 1.195.16
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: application/json
vary: Origin
x-runtime: 0.014943
cms-version: 1.54.53
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://app.thnks.com
x-xss-protection: 1; mode=block
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 linked-in-btn.svg
app.thnks.com/assets/img/ 458 B
1 KB 508ms
506ms Image
image/svg+xml 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.thnks.com/assets/img/linked-in-btn.svg

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b12b5e40f277e780c11275b1623df19998e24279c81f142d3418dc45a9ac567

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

etag: "e8eef81ad493d165f92d654d56aada89"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 5GGggEFW7Pqbeb7GnXywJQZYRTfPBWwdqkxRHEeGHHPksHDzEJ-yYg==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: aHtWjPcNuxnEVasKJ97dOiA/PGKkQlGgDjT0dz94PwfBhUCabr2aCJM3yMBdwUua2dEKvtj9T/8=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: TNPFVJZJTEWK391J
accept-ranges: bytes
content-length: 458
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 aa0f4cbb58519b92d7fc..svg
app.thnks.com/assets/file-loader/ 323 B
943 B 509ms
508ms Image
image/svg+xml 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.thnks.com/assets/file-loader/aa0f4cbb58519b92d7fc..svg

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebaec3882b249b1ba8ff2f1a75d2a2b87ee59603375cbaef7e829799da2ff62d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

etag: "61d9d8576c0c1ab86f314f3ecf9b557d"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: aMdkHpnkQzhjvwdrBrNYTwrVl3-CXyjVpg1kyk-1Mrk0tvdzgtBqxw==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: CxSbpyKBmrqDIF1S6W7WoOCq01Mk8f0fIzstJ+Snm8eeQQ8BRW+M31EZNkbttGN9TsEttLjlvyo=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: E2SP07NM27179TNG
accept-ranges: bytes
content-length: 323
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 7b3dcd13743a420f7bd8..svg
app.thnks.com/assets/file-loader/ 602 B
1 KB 513ms
511ms Image
image/svg+xml 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.thnks.com/assets/file-loader/7b3dcd13743a420f7bd8..svg

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7b10bb87d9b2e11fff7427f6b53015b237b2fa527fd1c49983a83ec6108c610f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

etag: "2ce663327062cb811dc59b32ab7de270"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 2bufUvLpUpB3-LVB2fU2TJOYF8QoTuUJboHU0bvrJhMll_wUs9-Qdg==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: gT9HLwpmFgYdlzPjmmrH/QqbV05WbvAncoxbVB0boNt2yhnza2zwKoPqDupDEf1FvgLIVHs4Bnk=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: TNP2Q0667GEXEEFY
accept-ranges: bytes
content-length: 602
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 a303ecc29ae4a18cfbe6..svg
app.thnks.com/assets/file-loader/ 882 B
1 KB 511ms
510ms Image
image/svg+xml 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.thnks.com/assets/file-loader/a303ecc29ae4a18cfbe6..svg

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9a8dd7ff21f8f835f055ff8753e7ef4d0ba0a5c88d4404a3d6452e8e0ab66ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

etag: "8f3224c038eac27829e2c8e82332aa7b"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: QK6DiOIIeTsmu_s2DtJbW-sZO6pBz6PwCsZlP07pUPU6mCJYi-7xUw==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: 5752O5ym2c8QEv5rtE7EbXK9655x6jeqx36NwyJUZwNm/QOeE+p6wEgohR8i8NLaQiH4/sdXs0MgFzuSBpWayNYQ1SUvCqq9cU31ODQmAqs=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: K22JBWWDKXBJA7MV
accept-ranges: bytes
content-length: 882
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 apple-white.svg
app.thnks.com/assets/svg/ 996 B
2 KB 505ms
504ms Image
image/svg+xml 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.thnks.com/assets/svg/apple-white.svg

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4da89d6b17e680bc400a97862b0d255d6aee25d5e16c276bf43a5af9fa62c533

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

etag: "c53840e34278ebe87b46e7cda6c20f61"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: MSsezokSfi4BzACicE3QyGbE9-naR-3o98OXpIzTMwm0HvGISKHp6Q==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: E+CygOW9PrSPluPCJ392IAdfT/zT2bAck523NEiTurB/lu1cEZ3FNQNLQPKXRBLb5udLuq0fm7I=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: CJKY9VBJTDBBEGBF
accept-ranges: bytes
content-length: 996
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 l
use.typekit.net/af/d71088/00000000000000003b9b1e47/27/ 27 KB
27 KB 50ms
49ms Font
application/font-woff2 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d71088/00000000000000003b9b1e47/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/iaf0fjo.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b002fc00c4f0e006b8e5d6a8b4753e744bb0feb3fb732671b45528928ea6027c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://use.typekit.net/iaf0fjo.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "19ce4eb601ed42acc1c56106071a3ee8b2cf974b"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 27652
date: Mon, 21 Oct 2024 12:32:35 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/ 3 KB
2 KB 763ms
655ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c071075e036b5a3c83d72038ba89573561e4783f96f824f6223bd183ba672741

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: NaVg5M6q51.NCL2qG5prmDLZRq59gUNI
etag: W/"4619bd823c423ff9cf0c1028170dfb2a"
access-control-allow-methods: GET, HEAD
x-cache: RefreshHit from cloudfront
x-amz-cf-id: uIYt4UC-YMf_JA5towxUYOTmWAnwX-UmSa6nqu0oL-oUFlkIbZf3zw==
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 12:13:33 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 state
api.thnks.com/api/v1/social/apple/ Frame 0
0 847ms
221ms Preflight 34.208.71.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.thnks.com/api/v1/social/apple/state?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.71.80 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-71-80.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://app.thnks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: https://app.thnks.com
access-control-expose-headers: CMS-Version, Web-Version
access-control-max-age: 7200
content-length: 0
date: Mon, 21 Oct 2024 12:32:36 GMT
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

POST
H2 200 r9zyhc9PlX Show response
api.userway.org/api/tunings/ 2 KB
2 KB 708ms
204ms XHR
application/json 2600:1f14:5db:eb22:2b69:808b:7241:9f83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/r9zyhc9PlX
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:2b69:808b:7241:9f83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 394a27be047c35e2332b44911fca4ec12e1e1716ccb0d149fa3c59919c83ca68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-service-request-id: usrf73e0250698942b
etag: W/"6ee-rdq35D47om3gps4Ddzz6QsWiggs"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 1774
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: application/json; charset=utf-8
x-service-version: uw-pr
access-control-allow-headers: *

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame C6B6 0
0 191ms
61ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LellNwkAAAAAD8ui8rrrfswnqCC3AeuUacwpCWE&co=aHR0cHM6Ly9hcHAudGhua3MuY29tOjQ0Mw..&hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=7klrl9l7nley

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-as5OMQh8rxIhx8vZmiUqlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.thnks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-as5OMQh8rxIhx8vZmiUqlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 21 Oct 2024 12:32:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 47ms
46ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: 7HrcoEDii4CJjqNCahwryaG4L.vk9kns
age: 2814305
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: Q2OCY56BVr5LpQdGMihvCurd1plcB_hH4_VRQwo1rjc0ZEvc1hP2Rw==
date: Wed, 18 Sep 2024 22:47:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 22:21:40 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/ 607 B
944 B 60ms
60ms XHR
application/json 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"971644f50e2020e1ff22e37edcad46f6"
age: 364
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: S5_g_-MDxeZQ9Lrfl5ztywk56rfsaQgfF9fUdAQ8CdGk8dtoTDyQlw==
date: Mon, 21 Oct 2024 12:32:36 GMT
content-type: application/json
last-modified: Tue, 08 Oct 2024 15:31:34 GMT
x-77-nzt-ray: 15b3c711b058bebae4491667b7a73e27
vary: Accept-Encoding
x-77-nzt: EgwBqZb/tgH3nvcQAAwBJRPCLgG3DwAAAA
cache-control: max-age=25920000, public
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 1111966
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 53ms
52ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: u16VcQlfwBtHRZyWZ3J5lA.kF3ts0Fc8
age: 2978466
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: PKk9xLrgr4IIjs_cHkik5OjxvYG3En5_RsTz0-jgTmT2OY-R-VzWEg==
date: Tue, 17 Sep 2024 01:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 16 Sep 2024 16:03:18 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 8e153a90be6c365baea2.js Show response
cdn.segment.com/next-integrations/actions/algolia-plugins/ 4 KB
3 KB 51ms
51ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/algolia-plugins/8e153a90be6c365baea2.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b177d2e5888909a84386c8845db7c42fd4fdef974a8dce8126cc7ae8774972a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: pGIW9BS4dxrjFLVo7wdDfa64B9QuBzux
etag: W/"726403cce9a66dea5358b3e4ebe3cd3d"
age: 34103
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: _HAmIA9iP9pJU1H6XHnQORjiLP12p9gXPmDAoWzVzIbvFrdYDYEC3g==
date: Mon, 21 Oct 2024 06:54:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 11:17:56 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 d41568b7f25714884231.js Show response
cdn.segment.com/next-integrations/actions/845/ 27 KB
8 KB 63ms
63ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/845/d41568b7f25714884231.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/algolia-plugins/8e153a90be6c365baea2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad4ec56c04477d9acc30ce9a07150d3b241ea38d96ec99aa0c6617e2379f1445

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: UfShnhVWWr257GH9PidWvXuITz0DciJM
etag: W/"fa32af4fb4b851cebc554c5c458878c3"
age: 36150
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: c0Im2uMJxXxAiF8Yy8o3_fvWuB9Am4RQ9WpVPy31-kaSJGLXDo8SIA==
date: Mon, 21 Oct 2024 02:30:07 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 11:17:54 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 intercom.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/intercom/3.1.0/ 4 KB
2 KB 68ms
67ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04bde84c00132d26dff806e922ba556916db435fbae302ffe70cdeb1fc63df32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "de0a11b95aca20dc7cc5bcec42adc9e4"
x-amz-version-id: WaLj40l3ZG2BEFOf2lZRQmhraY5Uj_59
age: 1572042
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: XCQHricDBX5PCyPt2mnCtlkN87GjHrgLuFN01meNX9nkQg7bt9MOiw==
date: Thu, 03 Oct 2024 07:51:55 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:20:16 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1879
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 mixpanel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/mixpanel/3.2.1/ 8 KB
4 KB 69ms
68ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/mixpanel/3.2.1/mixpanel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75bce8973450b6f9872cd0e0b14cdac748331748d262e1894bfbd822d998a3b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "baf0cbd3b18c3373d421818693d56c63"
x-amz-version-id: ZjK11iCh4PH._ITJ2MsCo.QWultvIMku
age: 1678423
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: CHsMc_xCUqybrkoiSv1TsvbCMq8vxBhIZyKjdsdkwrJyN0AnsO6geQ==
date: Wed, 02 Oct 2024 02:18:54 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:20:17 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3261
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 68ms
67ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4df53644d1c9fd651ccfd697977eb07d94cd744b0a4997568d67cc25ef44e483

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "a7cd49c834a0851140e3304c91cb34d0"
x-amz-version-id: j4m0DyDSierKPJq1r420lhjLq60dvugM
age: 1572042
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: Ki3pzjeZNjylihMj__mmED7KDs4q2UhO5o9VJ7PAr5GXU7Im6Iyyxg==
date: Thu, 03 Oct 2024 07:51:55 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:20:16 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3273
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 auto-track.bundle.a9d7db192bb0f8beb329.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 53ms
45ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/auto-track.bundle.a9d7db192bb0f8beb329.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c394985a98ff83171e9e499912cda4a034e11c63d5fa4eab40b97c9f58d6984

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: W/"4422cc3b53c2ab5b4112464da476bc1a"
x-amz-version-id: 9VsJxJWtuMAEUV0jUcCo5BphH4F4iFq3
age: 3097778
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: SxKoduI97oEzcPbqTpaHH_dfTAlBnV-ZvdLKrzSDAowB3w9EUhdkZQ==
date: Sun, 15 Sep 2024 16:02:59 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sun, 15 Sep 2024 03:27:02 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
171 B 736ms
216ms Fetch
application/json 44.240.52.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-52-117.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://app.thnks.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://app.thnks.com
content-length: 21
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: application/json
vary: Origin

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
172 B 728ms
210ms Fetch
application/json 44.240.52.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-52-117.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://app.thnks.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://app.thnks.com
content-length: 21
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: application/json
vary: Origin

GET
H2 200 commons.a61d7bea37d2de5d4b69.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 70 KB
22 KB 56ms
55ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "c467a63b2e7c3a99be423ace649014d8"
x-amz-version-id: JPDEPREw8gYM0wgzX9n.pVdsRblNlmAD
age: 918871
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 4nashkNT5OlI75viyOyC18sa7I4ER7S40Pc8c0szVdyAjawPDgKetw==
date: Thu, 10 Oct 2024 21:18:07 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:20:15 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21911
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 iwfxzmxt Show response
widget.intercom.io/widget/ 7 KB
3 KB 849ms
504ms Script
application/javascript 18.239.36.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/iwfxzmxt
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-23.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b8742996b146160561b2abc9bee9ae2a7557a930764e3150854c03dc2434a15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: gzip
x-amz-version-id: djEa0WeCNhcgYfl_ChohdOfLiVk33gEI
etag: "eea5f9d4ada1b30c1a5397524cdb6364"
age: 202
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: VfkLwYxCLqa-NnJM20qtRTr-jJTZ29qKa_TYHmtNaPatD7sA0LF98Q==
date: Mon, 21 Oct 2024 12:29:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
last-modified: Mon, 21 Oct 2024 11:54:13 GMT
cache-control: max-age=300, s-maxage=300, public
cross-origin-resource-policy: cross-origin
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2665
x-amz-cf-pop: AMS58-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
0 1ms
1ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 12:32:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4407, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: k+LJlEdqa5YEXCa5hYkKCBSp4CroK1d3Mj5+VARUAq5SzkqfjZ0xkn5lvNqH3ovAufuv97Jl1ImkVgELfyYI1A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 55 KB
19 KB 403ms
46ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

x-goog-metageneration: 2
content-encoding: gzip
x-goog-hash: crc32c=rciEWw==, md5=Ay7nz7moeiyGH/GIFXVIQg==
etag: "032ee7cfb9a87a2c861ff18815754842"
age: 403
x-goog-stored-content-encoding: gzip
expires: Mon, 21 Oct 2024 12:35:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 19057
date: Mon, 21 Oct 2024 12:25:54 GMT
last-modified: Tue, 27 Aug 2024 18:10:17 GMT
content-type: text/javascript
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY2eOjeOu7-xpOJHZjfyyRN3i5RhniV4YLWFYLoaABtYwphN8y_A6PghKw6wewf6oPffmNTfROwtQA
cache-control: public,max-age=600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1724782217794014
content-length: 19057
server: UploadServer

GET
H2 200 remediation_1728401297040.js Show response
cdn.userway.org/widgetapp/2024-10-08-15-28-17/remediation/ 95 KB
27 KB 67ms
66ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/remediation/remediation_1728401297040.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fe66f91eae12efca0ac117ae0505e43f25e81f9da5ad13cd2e563bf7fe1508ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"3b66deb8c3b5ba2c3da9501471856693"
age: 229
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: 0mqPw8BwC9UzV7BXUNz1vzhwj22VWtTeMofw3VHtj9aP0GbB8V6VyQ==
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:35 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c711b058bebae5491667e204500a
x-77-nzt: EgwBqZb/tgH3p/cQAAwBisclxAG3iwAAAA
cache-control: max-age=25920000, public
via: 1.1 38dab0d877593711162f7409f4fc8fca.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 1111975
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 2rIOq0tLANdjgEYD.json Show response
cdn.userway.org/remediations/consolidated/2584448/ 400 KB
70 KB 69ms
68ms XHR
application/json 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2584448/2rIOq0tLANdjgEYD.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a4d8e75c1df1a7379f4baa1503db08fc811b27bfff1dc79e3aa852327b0032ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"6a6dc4b1bf018358bbc3b541dadc80a4"
age: 857
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: D0j879INsTZ9Ot1FOwLYHCExgPYW4dBFbSF2F3deFFg4oRK8n-z7vA==
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: application/json
last-modified: Mon, 21 Oct 2024 11:48:40 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c711b058bebae5491667f586490a
x-77-nzt: EggBqZb/tgFBDAHDta8CAbd7AwAA
cache-control: public, max-age=31536000
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 891
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-10-08-15-28-17/ 30 KB
5 KB 347ms
346ms Stylesheet
text/css 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-10-08-15-28-17/widget_base.css?v=1728401297040
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"fa9ef3811ff36e9e81b054c454f9365f"
age: 364
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: RD41J0ueEv-fBw1_fvZtXaxavwOrtglNL_kd-kQIn1aNHGDH6by_kg==
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: text/css
last-modified: Tue, 08 Oct 2024 15:30:57 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c7114a545285e549166768b94e0a
x-77-nzt: EgwBqZb/tgH3rcgDAAwB1GY4EQG3BQAAAA
cache-control: max-age=864000, public
via: 1.1 e161fd49d3d858d9f9d1d337fc91ce8e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 247981
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 45ms
44ms Image
image/svg+xml 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by: Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
age: 42
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: aNeLgRWnFT4E1bCgcXxMq5C_IcRb2sYFmpYWg7sp6G-YqkWavje49Q==
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Oct 2024 15:31:36 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c7114a545285e54916670ffa4d22
x-77-nzt: EgwBqZb/tgH3q/cQAAwBJRPCNAG3BQAAAA
cache-control: max-age=25920000, public
via: 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 1111979
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 64ms
64ms Image
image/svg+xml 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by: Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
age: 42
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: OzRz9soIPkQrhmd8xq-4nI5t5JbdDzOoq9SxsFLQn-NgtUTchZbbWg==
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Oct 2024 15:31:37 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c7114a545285e54916679d1c5e24
x-77-nzt: EgwBqZb/tgH3q/cQAAwB1GY4EQG3BQAAAA
cache-control: max-age=25920000, public
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 1111979
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/2024-10-08-15-28-17/paid/ 65 KB
23 KB 61ms
61ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 42c1ddeaf8478b1f54eedb7829ea19fc7ab4490e6efd70247dd1660f73dd1b73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"0a1e52174fad9eceaf8a9d7d6617173f"
age: 361
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: TAqP4LN9sjKn8g2LE-Yu2wUGrza-ipKnvN7nJTIVAaAqlVfMOin_PQ==
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:45 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c711b058bebae5491667eb896224
x-77-nzt: EgwBqZb/tgH3p/cQAAwBw7WvAgG3BgAAAA
cache-control: max-age=25920000, public
via: 1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 1111975
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 2rIOq0tLANdjgEYD.json Show response
cdn.userway.org/remediations/consolidated/2584448/ 400 KB
0 0ms
0ms Fetch
application/json 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2584448/2rIOq0tLANdjgEYD.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a4d8e75c1df1a7379f4baa1503db08fc811b27bfff1dc79e3aa852327b0032ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"6a6dc4b1bf018358bbc3b541dadc80a4"
age: 857
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: D0j879INsTZ9Ot1FOwLYHCExgPYW4dBFbSF2F3deFFg4oRK8n-z7vA==
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: application/json
last-modified: Mon, 21 Oct 2024 11:48:40 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c711b058bebae5491667f586490a
x-77-nzt: EggBqZb/tgFBDAHDta8CAbd7AwAA
cache-control: public, max-age=31536000
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 891
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 /
www.facebook.com/tr/ 0
125 B 49ms
41ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=926964410783916&ev=App%20-%20Open&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&rl=&if=false&ts=1729513957796&sw=1600&sh=1200&v=2.9.172&r=stable&a=seg&ec=1&o=12318&fbp=fb.1.1729513955359.705139080708665910&ler=empty&cdl=API_unavailable&it=1729513953342&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1729513956886-7320fec8-c1ae-4098-8a1e-a6cd0a7d2827&tm=2&exp=h3&rqm=GET

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=10, mss=1297, tbw=6578, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
871 B 300ms
300ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=926964410783916&ev=App%20-%20Open&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&rl=&if=false&ts=1729513957796&sw=1600&sh=1200&v=2.9.172&r=stable&a=seg&ec=1&o=12318&fbp=fb.1.1729513955359.705139080708665910&ler=empty&cdl=API_unavailable&it=1729513953342&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1729513956886-7320fec8-c1ae-4098-8a1e-a6cd0a7d2827&tm=2&exp=h3&rqm=FGET

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428205883420592386"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 12:32:38 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: kRWvy1xl/oNWKHNdDXmP6Atka+2OV64EAg71Ij5u1NBixdZVkN2BDw1Pc44zCP/JP5dTJrLF2LflyDijV3EhyQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428205883420592386", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=14, mss=1297, tbw=8081, tp=-1, tpl=-1, uplat=235, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 49ms
49ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=926964410783916&ev=App%20-%20Browse&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&rl=&if=false&ts=1729513957810&cd[Screen]=Log%20In&sw=1600&sh=1200&v=2.9.172&r=stable&a=seg&ec=2&o=12318&fbp=fb.1.1729513955359.705139080708665910&ler=empty&cdl=API_unavailable&it=1729513953342&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1729513956895-c8c1ae80-980a-4ea6-8d0a-7d282761f371&tm=2&exp=h3&rqm=GET

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=10, mss=1297, tbw=6795, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 105ms
105ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=926964410783916&ev=App%20-%20Browse&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&rl=&if=false&ts=1729513957810&cd[Screen]=Log%20In&sw=1600&sh=1200&v=2.9.172&r=stable&a=seg&ec=2&o=12318&fbp=fb.1.1729513955359.705139080708665910&ler=empty&cdl=API_unavailable&it=1729513953342&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1729513956895-c8c1ae80-980a-4ea6-8d0a-7d282761f371&tm=2&exp=h3&rqm=FGET

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428205884978673125"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x485b83206727ad36","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["1734545689994782"]},"debug_reporting":true,"debug_key":"538359708284802037"}
date: Mon, 21 Oct 2024 12:32:37 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: FYGkmjM8R05xtadw9K+PBJB0Q0D+BzWs2z8nCjJMizHrnXW0kq83v2EdudA6Dnyexl0zH9e7gsng5JHEBAGnNA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428205884978673125", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=14, mss=1297, tbw=6942, tp=-1, tpl=-1, uplat=55, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 frame-modern.5f25bd4d.js Show response
js.intercomcdn.com/ Frame CCB9 469 KB
142 KB 240ms
50ms Script
application/javascript 18.245.46.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.5f25bd4d.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/iwfxzmxt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-20.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0fb62017d3388c5fc2a7935a47ae3e7021928dbc0e5e84253f510c71b1e2c2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "6cfd40b8b01fd79cf405bb8e6a3af5d2"
x-amz-version-id: I7kX4SlQdY8xKq8jVDgSbHSiS6.jc.rb
age: 2302
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: aYpgab3TSOpR69XZDtdOjbPmGf_6NNNT4l9sul-5hGBqwe_uIQeWTw==
date: Mon, 21 Oct 2024 11:54:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 21 Oct 2024 11:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 144293
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-modern.8b97a971.js Show response
js.intercomcdn.com/ Frame CCB9 455 KB
145 KB 347ms
158ms Script
application/javascript 18.245.46.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.8b97a971.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/iwfxzmxt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-20.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: vBx0xWgOa93EdPNTUd4xrs7ZcBFA8sYe
etag: "2406ae0ce4db8aa51ed52dde4792a464"
age: 638
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Txh5CO-eDdBnUWE1JAlYgCudszj1y1a0RpDjE7Tnw3pQYAVqSBCz5Q==
date: Mon, 21 Oct 2024 12:22:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 18 Oct 2024 12:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 147289
x-amz-cf-pop: FRA56-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 array.js Show response
app.posthog.com/static/ 152 KB
53 KB 269ms
85ms Script
text/javascript 2606:4700:10::ac43:2832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.posthog.com/static/array.js

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c7703f618ce7c18b84c7fe10537c174ab7f077a6c68219313692a9e7df2ef4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 79
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 12:32:38 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Fri, 18 Oct 2024 18:30:48 GMT
vary: Cookie, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=300
cross-origin-opener-policy: same-origin
x-envoy-upstream-service-time: 19
referrer-policy: same-origin
cf-ray: 8d61457e7a4abbb3-FRA
access-control-allow-origin: *
server: cloudflare

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
171 B 223ms
220ms Fetch
application/json 44.240.52.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Si3LvFanFri9oU3yolg5GYXfF8qP8ZNI/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-52-117.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://app.thnks.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://app.thnks.com
content-length: 21
date: Mon, 21 Oct 2024 12:32:38 GMT
content-type: application/json
vary: Origin

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 58ms
56ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=926964410783916&ev=PageView&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&rl=&if=false&ts=1729513958105&sw=1600&sh=1200&v=2.9.172&r=stable&a=seg&ec=3&o=12318&fbp=fb.1.1729513955359.705139080708665910&cs_est=true&ler=empty&cdl=API_unavailable&it=1729513953342&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1729513957942-ae80980a-1ea6-4d0a-bd28-2761f37190bc&exp=h3&rqm=GET

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4489, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 21 Oct 2024 12:32:38 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 188ms
186ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=926964410783916&ev=PageView&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in&rl=&if=false&ts=1729513958105&sw=1600&sh=1200&v=2.9.172&r=stable&a=seg&ec=3&o=12318&fbp=fb.1.1729513955359.705139080708665910&cs_est=true&ler=empty&cdl=API_unavailable&it=1729513953342&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1729513957942-ae80980a-1ea6-4d0a-bd28-2761f37190bc&exp=h3&rqm=FGET

Requested by

Host: app.thnks.com
URL: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428205889631883531"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 12:32:38 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: DLg0/CwQIxEHHgZWBXdDADTxhmgecw/6FERJB0iJqZwgAaay+taeFWmGOUz1SRHtLJoc0wm0nqZ6JU95qbWUMQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428205889631883531", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=23, mss=1232, tbw=4857, tp=13, tpl=0, uplat=142, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 / Show response
us.i.posthog.com/decide/ 812 B
814 B 405ms
129ms XHR
application/json 44.218.51.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/decide/?v=3&ip=1&_=1729513958377&ver=1.174.2&compression=base64

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.218.51.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-218-51-203.compute-1.amazonaws.com

Software

envoy /

Resource Hash

21822af330ef698e77053c731957c1301092927794f944b0460cc245d2c9caba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://app.thnks.com/

Response headers

cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 8
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: same-origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.thnks.com
date: Mon, 21 Oct 2024 12:32:38 GMT
content-type: application/json
vary: Accept-Encoding
server: envoy
access-control-allow-headers: X-Requested-With,Content-Type

POST
H2 200 launcher_settings Show response
api-iam.intercom.io/messenger/web/ Frame CCB9 240 B
891 B 459ms
173ms XHR
application/json 52.45.139.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/launcher_settings

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5f25bd4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.45.139.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-139-96.compute-1.amazonaws.com

Software

nginx /

Resource Hash

923122db78a94514dbe54f9e7592c33988a1bedea9a2f8c8e49cb3516efe4373

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 00061lc8hilvdv789lkg
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"923122db78a94514dbe54f9e7592c339"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Mon, 21 Oct 2024 12:32:38 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.032093
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://app.thnks.com
x-xss-protection: 1; mode=block
x-intercom-version: cc2c3fbf54abef3ae4e97560cb766889e9fa768f
x-ami-version: ami-0172903375ae36d8d
server: nginx

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame CCB9 4 KB
3 KB 670ms
384ms XHR
application/json 52.45.139.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5f25bd4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.45.139.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-139-96.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fd66c2f1c2ea2e6177cb769af2fff47aadd76338bfa426b6b63b2b43d3739964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 0003qlsqgs58mkd44m60
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"fd66c2f1c2ea2e6177cb769af2fff47a"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Mon, 21 Oct 2024 12:32:39 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.249415
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://app.thnks.com
x-xss-protection: 1; mode=block
x-intercom-version: cc2c3fbf54abef3ae4e97560cb766889e9fa768f
x-ami-version: ami-0172903375ae36d8d
server: nginx

GET
H2 200 favicon.ico
app.thnks.com/assets/img/ 1 KB
2 KB 460ms
459ms Other
image/vnd.microsoft.icon 2600:9000:2057:1600:1e:aead:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.thnks.com/assets/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1600:1e:aead:b400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

17f7fcc81828fe07fe479996e1401f2eea9d1ffd88998771070fbd46fd86aead

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/?utm_swu=4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*

Response headers

etag: "b5b055bfb0fa960f4cca2b740cf10b12"
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-amz-cf-id: u_GcqmPk0SgrkRooSfGDvK8RGniBP2GWYh1AURPhhkSjrMrO5SfI4w==
date: Mon, 21 Oct 2024 12:32:39 GMT
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
last-modified: Tue, 08 Oct 2024 11:50:36 GMT
x-amz-id-2: iF7n8Koc5OjAdlJXHa/3Y1kRduW0IXSu6sWmfMokVv9rymMfMKRQJPGCsFeonuu08DpFhkofO3Q=
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: frame-ancestors app.thnks.com www.facebook.com
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-request-id: CZKHJZNPHPTJPXTE
accept-ranges: bytes
content-length: 1150
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 nav_menu_helper_1728401297040.js Show response
cdn.userway.org/widgetapp/2024-10-08-15-28-17/remediation/ 23 KB
7 KB 42ms
41ms Script
application/javascript 2a02:6ea0:c700::112
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/remediation/nav_menu_helper_1728401297040.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-10-08-15-28-17/widget_app_base_1728401297040.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"d5babf1f477d0f7bf4044b0693b956d9"
age: 361
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: 2ghQ2-d2KEp_9bhHBa9MEA5aq-yXbaHhpxeBAcGUd5Nk4RrEE5AM7A==
date: Mon, 21 Oct 2024 12:32:38 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:31:35 GMT
vary: Accept-Encoding
x-77-nzt-ray: 15b3c711b058bebae649166756195c25
x-77-nzt: EgwBqZb/tgH3p/cQAAwBJRPCLgG3BgAAAA
cache-control: max-age=25920000, public
via: 1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 1111975
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 1A29 0
0 44ms
44ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.thnks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2190709
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 21 Oct 2024 12:32:38 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 105225
x-content-type-options: nosniff
x-request-id: 4c249a9c-957b-4cd1-9e61-22db07cd30a4
x-served-by: cache-fra-etou8220103-FRA

GET
H2 200 recorder.js Show response
us-assets.i.posthog.com/static/ 91 KB
32 KB 744ms
498ms Script
text/javascript 2606:4700:10::6816:3bb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-assets.i.posthog.com/static/recorder.js?v=1.174.2

Requested by

Host: app.posthog.com
URL: https://app.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3bb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c54ad3e9e1ac5e23bb3c1fc4eef743cdf765369a57bc381d8e5c31aec1a39fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://app.thnks.com
Referer: https://app.thnks.com/

Response headers

cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin
content-encoding: gzip
x-envoy-upstream-service-time: 16
cf-cache-status: MISS
x-content-type-options: nosniff
referrer-policy: same-origin
cf-ray: 8d6145847dfddbf8-FRA
access-control-allow-origin: *
date: Mon, 21 Oct 2024 12:32:39 GMT
content-type: text/javascript; charset="utf-8"
last-modified: Fri, 18 Oct 2024 18:10:47 GMT
vary: Cookie, Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 83ms
80ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P17GBS3R7K&gtm=45je4ah0v874503276za200zb77180433&_p=1729513952515&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101529665~101686685&cid=1733605265.1729513954&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729513953&sct=1&seg=0&dl=https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*&dt=Thnks%20%7C%20Growing%20Business%20with%20Gratitude&en=scroll&epn.percent_scrolled=90&_et=108&tfd=7666
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P17GBS3R7K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.thnks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 12:32:38 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame CCB9 4 KB
2 KB 313ms
311ms XHR
application/json 52.45.139.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5f25bd4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.45.139.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-139-96.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e688ce38796724b8d3c623852a2d3dd58f76cb854b930963943d7edb9abd3406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 0000b08lueqlro8641i0
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"e688ce38796724b8d3c623852a2d3dd5"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Mon, 21 Oct 2024 12:32:39 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.191342
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://app.thnks.com
x-xss-protection: 1; mode=block
x-intercom-version: 409269d7ea6c806ce2bc0a4f0485bb62da6f49a3
x-ami-version: ami-0172903375ae36d8d
server: nginx

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame CCB9 4 B
730 B 289ms
284ms XHR
application/json 52.45.139.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5f25bd4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.45.139.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-139-96.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 0000b1vcpnbmtbu5lpu0
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"e10808d43975dc400731053386849f86"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Mon, 21 Oct 2024 12:32:39 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.129981
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://app.thnks.com
x-xss-protection: 1; mode=block
x-intercom-version: 409269d7ea6c806ce2bc0a4f0485bb62da6f49a3
x-ami-version: ami-0172903375ae36d8d
server: nginx

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame CCB9 4 B
730 B 260ms
248ms XHR
application/json 52.45.139.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5f25bd4d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.45.139.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-139-96.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

x-request-id: 0000b2umpgk58d5len4g
access-control-expose-headers: x-request-id
content-encoding: gzip
etag: W/"e10808d43975dc400731053386849f86"
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
status: 200 OK
date: Mon, 21 Oct 2024 12:32:39 GMT
content-type: application/json; charset=utf-8
vary: Accept,Accept-Encoding
x-runtime: 0.129033
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-request-queueing: 0
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://app.thnks.com
x-xss-protection: 1; mode=block
x-intercom-version: 409269d7ea6c806ce2bc0a4f0485bb62da6f49a3
x-ami-version: ami-0172903375ae36d8d
server: nginx

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/r9zyhc9PlX/2584448/MDZrQIyxAdzAT1kg/ 250 B
698 B 211ms
211ms Fetch
application/json 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/r9zyhc9PlX/2584448/MDZrQIyxAdzAT1kg/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fapp.thnks.com%2Fassets%2Ffile-loader%2F10d09ae1a528dffabaef..svg%22%2C%22alt%22%3A%22logo%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3eeff7f5b07758317c5007f10811b81c6afd98f55fdc100e9689d3b1a37c4f3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"fa-0TbKeYASc2OqDBQC2KjvSFE7pbc"
x-77-cache: MISS
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
date: Mon, 21 Oct 2024 12:32:39 GMT
content-type: application/json; charset=utf-8
x-77-nzt-ray: 1cb09c0ec0ca880ce7491667e749a128
vary: Accept-Encoding
access-control-allow-headers: *
x-77-nzt: EggB1GY4sQFBCAGckiEfAQE
cache-control: max-age=604800
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-a922622f
server: CDN77-Turbo

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/r9zyhc9PlX/2584448/MDZrQIyxAdzAT1kg/ Frame 0
0 343ms
202ms Preflight 2a02:6ea0:c700::21
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/r9zyhc9PlX/2584448/MDZrQIyxAdzAT1kg/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fapp.thnks.com%2Fassets%2Ffile-loader%2F10d09ae1a528dffabaef..svg%22%2C%22alt%22%3A%22logo%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fapp.thnks.com%2F%3Futm_swu%3D4092**Agift*donate*91b03906f5f1492abd58a942ae9d4850*%23%2Fsign-in%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://app.thnks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Mon, 21 Oct 2024 12:32:39 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggB1GY4sQAACAGckiEfAAA
x-77-nzt-ray: 1cb09c0ec0ca880ce7491667c769741c
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-a922622f

GET
H2 200 2584448 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 353ms
352ms Fetch
application/json 2600:1f14:5db:eb22:2b69:808b:7241:9f83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/2584448
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:2b69:808b:7241:9f83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 51
date: Mon, 21 Oct 2024 12:32:40 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

GET
H2 200 2584448 Show response
api.userway.org/api/br-links/v0/links/ 139 B
506 B 557ms
556ms Fetch
application/json 2600:1f14:5db:eb22:2b69:808b:7241:9f83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/2584448
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-10-08-15-28-17/paid/remediation-tool.js?ts=1728401297040
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:2b69:808b:7241:9f83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0d433b3625b1682c78a5ea647f3a2aa0851e3ec2742c2cccb845a13aa56b237d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
etag: W/"8b-5BGibelgh5QvYljKER4yXyCYOFw"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 139
date: Mon, 21 Oct 2024 12:32:40 GMT
content-type: application/json; charset=utf-8
x-service-version: apps-5b4b97f5
vary: Accept-Encoding
access-control-allow-headers: *

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
371 B 270ms
65ms XHR
application/json 35.190.25.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1729513962597

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://app.thnks.com/

Response headers

strict-transport-security: max-age=604800; includeSubDomains
access-control-max-age: 1728000
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
x-envoy-upstream-service-time: 15
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: https://app.thnks.com
alt-svc: clear
content-length: 25
date: Mon, 21 Oct 2024 12:32:42 GMT
content-type: application/json
server: envoy
access-control-allow-headers: X-Requested-With, Content-Type

GET
H3 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 176 B
545 B 86ms
46ms Script
text/javascript 13.35.58.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

13.35.58.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-22.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://app.thnks.com/

Response headers

etag: "96f5b26d366f47393b3ff36fe7471474"
age: 3047
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Qg1v5pyyEYkXbD0YuTfhx1klmUB3gQEds2kUEIRGFiE6yI9-o2a6mg==
date: Mon, 21 Oct 2024 11:41:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 18 Oct 2024 20:04:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 ab85f05f60638addab7913cfb252c99a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176
x-amz-cf-pop: FRA60-P10
server: Cloudfront

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thnks.com/	1970-01-21 02:34:49	Name: _gcl_au Value: 1.1.84373747.1729513953
.thnks.com/	1970-01-21 10:01:13	Name: _ga Value: GA1.1.1733605265.1729513954
.thnks.com/	1970-01-21 10:01:13	Name: _ga_P17GBS3R7K Value: GS1.1.1729513953.1.0.1729513953.0.0.0
.thnks.com/	1970-01-21 02:34:49	Name: _fbp Value: fb.1.1729513955359.705139080708665910
.thnks.com/	1970-01-21 09:10:49	Name: ajs_anonymous_id Value: 20fec8c1-ae80-480a-9ea6-cd0a7d282761
.thnks.com/	1970-01-21 09:10:49	Name: mp_fbff075fff7f0e6949f41dc727a131d8_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A192af10a9071932-054aa5264c326e-1e462c6f-1d4c00-192af10a9071932%22%2C%22%24device_id%22%3A%20%22192af10a9071932-054aa5264c326e-1e462c6f-1d4c00-192af10a9071932%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22Web%20App%20Version%22%3A%20%221.195.16%22%2C%22Platform%22%3A%20%22WebApp%22%7D
.thnks.com/	1970-01-21 09:10:49	Name: ph_phc_Kql3s3L53OL8e5vad6g7Q5M2Pu6yDvuuXf3pbkW7qTq_posthog Value: %7B%22distinct_id%22%3A%220192af10-abe3-7561-9df1-47f791770406%22%2C%22%24sesid%22%3A%5B1729513958846%2C%220192af10-abe1-7559-a350-30426ad81990%22%2C1729513958369%5D%7D
.thnks.com/	1970-01-21 06:54:03	Name: intercom-id-iwfxzmxt Value: 03202f51-9790-444f-ad93-b671d823af9f
.thnks.com/	1970-01-21 00:35:18	Name: intercom-session-iwfxzmxt Value:
.thnks.com/	1970-01-21 06:54:03	Name: intercom-device-id-iwfxzmxt Value: 051b64fa-e7a6-463e-ae9c-369d85f73ce7
m.stripe.com/	1970-01-21 10:01:13	Name: m Value: df34150b-8d5e-43d9-81fd-4460c5db6d7b831434
.app.thnks.com/	1970-01-21 09:10:49	Name: __stripe_mid Value: e0fe8668-20fc-43df-af10-d9ef12d240d5a3ae0c
.app.thnks.com/	1970-01-21 00:25:15	Name: __stripe_sid Value: c78698da-c228-4554-b787-5091b155f592c0c419

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://app.thnks.com/?utm_swu=4092*Agiftdonate91b03906f5f1492abd58a942ae9d4850#/sign-in Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors app.thnks.com www.facebook.com
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api-js.mixpanel.com
api.segment.io
api.thnks.com
api.userway.org
app.posthog.com
app.thnks.com
appleid.cdn-apple.com
cdn.mxpnl.com
cdn.segment.com
cdn.userway.org
cdn77.api.userway.org
cdnjs.cloudflare.com
connect.facebook.net
js.intercomcdn.com
js.stripe.com
p.typekit.net
region1.google-analytics.com
us-assets.i.posthog.com
us.i.posthog.com
use.typekit.net
widget.intercom.io
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.25.14
104.77.37.101
13.35.58.22
142.250.181.227
151.101.0.176
157.240.0.35
157.240.0.6
18.239.36.23
18.245.46.20
2001:4860:4802:34::36
216.58.206.36
2600:1901:0:498c::
2600:1f14:5db:eb22:2b69:808b:7241:9f83
2600:9000:2057:1600:1e:aead:b400:93a1
2606:4700:10::6816:3bb5
2606:4700:10::ac43:2832
2a00:1450:4001:82f::2008
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148d
2a02:6ea0:c700::112
2a02:6ea0:c700::21
2a03:2880:f177:185:face:b00c:0:25de
34.208.71.80
35.190.25.25
44.218.51.203
44.240.52.117
52.45.139.96
99.86.8.175
04bde84c00132d26dff806e922ba556916db435fbae302ffe70cdeb1fc63df32
06ea13c6d1d75446d30f86d2c5898d2f0bb7b5c51085b389d75ffa23db9748ab
0d433b3625b1682c78a5ea647f3a2aa0851e3ec2742c2cccb845a13aa56b237d
0fb62017d3388c5fc2a7935a47ae3e7021928dbc0e5e84253f510c71b1e2c2fc
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
17f7fcc81828fe07fe479996e1401f2eea9d1ffd88998771070fbd46fd86aead
19aae78d7beaecfaffbb36932e908f578d5a72432ba663accc95815a9f2cd21f
1a5f14c10de17aa94a09df3b4d80349f1424d50b878e76decd32b0ae7b38db50
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1da255b6f612f9a812370a277c7f692fc063c9b4a5e3b70395d055da78a16d35
21822af330ef698e77053c731957c1301092927794f944b0460cc245d2c9caba
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
2b209f11fee7347f2d75e8ba025d74f643b756eea4e845bcdf5cde2c48e15e06
2dba15997de00bb763cec60caa48dd81314b11d657f81b5e92e54a5e417cac63
2dd68f7b1a47fb171cdcf4c27de434b44fff394f3d05891eab2368135edb5156
2e8bb556bc2d34b3154e32418bbb3984427201448aca906c634830809bd36875
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
394a27be047c35e2332b44911fca4ec12e1e1716ccb0d149fa3c59919c83ca68
3a7261820eb6a07dd3073f6f908b9b0a3cf720c22d583bb442aa710fd5620668
3b12b5e40f277e780c11275b1623df19998e24279c81f142d3418dc45a9ac567
3c394985a98ff83171e9e499912cda4a034e11c63d5fa4eab40b97c9f58d6984
3eeff7f5b07758317c5007f10811b81c6afd98f55fdc100e9689d3b1a37c4f3a
42c1ddeaf8478b1f54eedb7829ea19fc7ab4490e6efd70247dd1660f73dd1b73
443c6c8f5308fb1ec6625ac6547c6868fd034c8d96a25669d8e2698e7fe110d7
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
4da89d6b17e680bc400a97862b0d255d6aee25d5e16c276bf43a5af9fa62c533
4df53644d1c9fd651ccfd697977eb07d94cd744b0a4997568d67cc25ef44e483
5357d3283ddf27fc4156d8c48f95dadf544139b198c43db3162c8cf18b3de996
564bcd4683fa46d647535a7560836f7f33c7a32d8d43f2b492da8308e43fdac6
59304960764c4925a44cb2895726fc0f4faaa058bf4c3a2286d817cb7b9738c4
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
6ac81243a2cb23509cd63fe681f6969ace8c40bb18e999c97bafa74c4f4e6713
6b8742996b146160561b2abc9bee9ae2a7557a930764e3150854c03dc2434a15
75bce8973450b6f9872cd0e0b14cdac748331748d262e1894bfbd822d998a3b9
7b10bb87d9b2e11fff7427f6b53015b237b2fa527fd1c49983a83ec6108c610f
7c7703f618ce7c18b84c7fe10537c174ab7f077a6c68219313692a9e7df2ef4c
801aa099647270906cc33411fcd8611aa3ca2ac899b0f13485ae59382bbade85
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8c54ad3e9e1ac5e23bb3c1fc4eef743cdf765369a57bc381d8e5c31aec1a39fd
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
923122db78a94514dbe54f9e7592c33988a1bedea9a2f8c8e49cb3516efe4373
924af62e7a04b73299ec45a77897d6f16dd85a5f150bf8be88ac64097c09df94
92a186a4d39702090ae3d539a1cf7cc0187b99203ed928fb4514fa3fdabf566d
9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a4d8e75c1df1a7379f4baa1503db08fc811b27bfff1dc79e3aa852327b0032ce
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad4ec56c04477d9acc30ce9a07150d3b241ea38d96ec99aa0c6617e2379f1445
b002fc00c4f0e006b8e5d6a8b4753e744bb0feb3fb732671b45528928ea6027c
b177d2e5888909a84386c8845db7c42fd4fdef974a8dce8126cc7ae8774972a7
c071075e036b5a3c83d72038ba89573561e4783f96f824f6223bd183ba672741
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c6e448760bf9b1354933c673a971e6211a48319ed4ce594017d6c242640edc1f
d5b1c5b78ba4e497c3945d3fbb34486695c413eae3f0a9c29f9279520fdb8b5e
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e31f852a397b7271fa0fc64f79c0ac21db3fbce8abbac211951b61daa32cc584
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e688ce38796724b8d3c623852a2d3dd58f76cb854b930963943d7edb9abd3406
e9a8dd7ff21f8f835f055ff8753e7ef4d0ba0a5c88d4404a3d6452e8e0ab66ba
ebaec3882b249b1ba8ff2f1a75d2a2b87ee59603375cbaef7e829799da2ff62d
f0ff4d8dcfde130c739c84a3ba4f469cbeddf94a2fe8f4cd4cb0ae6462e1f4bb
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec
f6e153a79a22b2045febfb7bc0e2b2e2afcfbc5131357b57247c697519046dcd
fcbd22fcf355f8ca1b4eee520ca2541bb02fa8c77ccfe2d2795570b89a7fd134
fd66c2f1c2ea2e6177cb769af2fff47aadd76338bfa426b6b63b2b43d3739964
fe66f91eae12efca0ac117ae0505e43f25e81f9da5ad13cd2e563bf7fe1508ee

app.thnks.com Open in urlscan Pro 2600:9000:2057:1600:1e:aead:b400:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

100 %HTTPS

43 %IPv6

19 Domains

26 Subdomains

29 IPs

4 Countries

2547 kBTransfer

9600 kBSize

13 Cookies

12 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.thnks.com Open in urlscan Pro
2600:9000:2057:1600:1e:aead:b400:93a1 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

100 %
HTTPS

43 %
IPv6

19
Domains

26
Subdomains

29
IPs

4
Countries

2547 kB
Transfer

9600 kB
Size

13
Cookies

89 HTTP transactions
1 data transactions